REST API calls seem wrong #326

Open
quintonn opened this issue Aug 18, 2023 · 1 comment

@quintonn

Describe the bug
I set up a Docker instance with hashicorp/vault with the very basics.
Now I'm trying to run VaultSharp code against it.
But I noticed the API Request URLs seem wrong.

I created a proxy and compared the requests to running the "vault" commands directly inside the container, but setting the -address flag to go through my router.

An example is:
vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync("/my-app", secretData, null, "my-auth/servers")
This creates a REST call to: /v1/my-auth/servers/data/my-app
The same command from vault makes a request to v1/my-auth/servers/my-app
Notice the extra data part.

I checked the source code and it adds whatever I give for secretData to an object called data.

What is the reason for this?

If I leave my code as is, I get an error "missing client ID".

I am trying to write the following:

var secretData = new Dictionary<string, object>()
{
    { "provider", "oidc" },
    { "provider_options", "issuer_url=https://test.my.salesforce.com" },
    { "client_id", "123" },
    { "client_secret", "456" }
};

I am trying to add the oauthapp plugin via C#, but can't get past this step.

I also couldn't find the equivalent of vault secrets enable -path=oauth2 oauthapp. Is this possible via the VaultSharp library?

VaultSharp Version
1.13.0.1

Vault Version
Vault v1.14.1 (bf23fe8636b04d554c0fa35a756c75c2f59026c0), built 2023-07-21T10:15:14Z

Does this work with Vault CLI?
Yes

Sample Code Snippet
See above

Exception Details/Stack Trace/Error Message
I get "missing client id"

Any additional info
n/a

@konidev20
Contributor

Hey @quintonn,

As I see in the documentation (https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#create-update-secret), the URL path VaultSharp is generating is correct.

As I see it, you are using vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync, which is used to update the KVv2 secret engine, not to configure an Auth method.

You're trying to configure an OAuth auth method, which is a plugin, which I don't think we support yet. We only have APIs to fetch tokens from custom auth providers. Refer: https://github.com/rajanadar/VaultSharp/tree/master#custom-auth-method---bring-your-own-vault-token

I consider this a feature request. In the custom auth provider we must be able to add an interface to configure any auth provider plugins.
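
Added example (not part of the issue thread and not VaultSharp code): the request shapes discussed above, built in Python without being sent. The address and token are constructed placeholders, the helper names are hypothetical, and the `sys/mounts` request is the HTTP API form of `vault secrets enable -path=oauth2 oauthapp`.

```python
import json
from urllib.request import Request

VAULT_ADDR = "http://127.0.0.1:8200"     # assumed address of a local test Vault
TOKEN = "constructed-placeholder-token"  # constructed value, not a real token

def _join(*parts):
    """Join path segments, ignoring leading/trailing slashes such as "/my-app"."""
    return "/".join(p.strip("/") for p in parts if p.strip("/"))

def _build(method, api_path, body):
    # Build the request object only; nothing is sent over the network.
    return Request(f"{VAULT_ADDR}/v1/{api_path}", data=json.dumps(body).encode(),
                   method=method, headers={"X-Vault-Token": TOKEN,
                                           "Content-Type": "application/json"})

def kv2_write(mount, path, secret):
    """KV v2 create/update: /v1/<mount>/data/<path>, fields nested under "data"."""
    return _build("POST", _join(mount, "data", path), {"data": secret})

def generic_write(full_path, fields):
    """Plain write to a backend path: no /data/ segment, fields at the top level."""
    return _build("POST", _join(full_path), fields)

def enable_secrets_engine(mount, plugin_type):
    """HTTP form of `vault secrets enable -path=<mount> <type>`."""
    return _build("POST", _join("sys/mounts", mount), {"type": plugin_type})

def describe(req):
    """Return (method, URL path, decoded JSON body) for inspection."""
    return req.get_method(), req.selector, json.loads(req.data)

if __name__ == "__main__":
    fields = {"provider": "oidc", "client_id": "123", "client_secret": "456"}
    for req in (kv2_write("my-auth/servers", "/my-app", fields),
                generic_write("my-auth/servers/my-app", fields),
                enable_secrets_engine("oauth2", "oauthapp")):
        method, path, body = describe(req)
        # Print only field names so client_secret never reaches the console or logs.
        print(method, path, sorted(body))
```

In the KV v2 request `client_id` sits under `data`, so a handler that reads it from the top level of the body will not find it there.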
